Total CVEs

143,377

Critical Severity

4,061

High Severity

14,648

Last 7 Days

1,370
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 17,921 - 17,940 of 39,782 CVEs
CVE-2026-35453 MEDIUM - 5.4

PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.3 and earlier, 2.0.0 through 2.1.15, 2.2.0 through 2.4.4, 3.3.0 through 3.10.4, and 4.0.0 through 5.6.0, the HTML Writer skips htmlspecialchars() output escaping when a cell uses a custom number format containing...

Vendor: composer
Product: phpoffice/phpspreadsheet
Published: Apr 28, 2026
Source: GitHub
CVE-2026-33190 HIGH - 7.5

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports (DoT, DoH, DoH3, DoQ, and gRPC) because it trusts the transport writer's TsigStatus() instead of performing verification itself. The DoH and DoH3 writer's T...

Vendor: go
Product: github.com/coredns/coredns
Published: Apr 28, 2026
Source: GitHub
CVE-2026-33489 HIGH - 7.5

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. The longestMatch() function in plugin/transfer/transfer.go uses a lexicographic string comparison instead ...

Vendor: go
Product: github.com/coredns/coredns
Published: Apr 28, 2026
Source: GitHub
CVE-2026-32936 HIGH - 7.5

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decoding, and DNS message unpacking before rejecting the request. Unlike the POST path, which applies a bou...

Vendor: go
Product: github.com/coredns/coredns
Published: Apr 28, 2026
Source: GitHub
CVE-2026-32934 HIGH - 7.5

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-QUIC (DoQ) server can be driven into unbounded goroutine and memory growth by a remote client that opens many QUIC streams and sends only 1 byte per stream. When the worker pool is full, CoreDNS still spawns a gor...

Vendor: go
Product: github.com/coredns/coredns
Published: Apr 28, 2026
Source: GitHub
CVE-2026-32699 MEDIUM - 4.3

FacturaScripts is an open source accounting and invoicing software. In versions 2025.92 and earlier, the application fails to validate the nick parameter during a POST request to the EditUser controller. Although the user interface prevents editing this field, a user can bypass this restriction by i...

Vendor: composer
Product: facturascripts/facturascripts
Published: Apr 28, 2026
Source: GitHub
CVE-2026-30246 MEDIUM - 6.5

Fiber is a web framework for Go. In github.com/gofiber/fiber/v3 versions through 3.1.0, the default key generator in the cache middleware uses only the request path and does not include the query string. As a result, requests for the same path with different query parameters can share a cache key an...

Vendor: go
Product: github.com/gofiber/fiber/v3
Published: Apr 28, 2026
Source: GitHub
CVE-2026-7319 HIGH - 7.3

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remot...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7318 MEDIUM - 5.9

A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function search_papers of the file research_server.py. The manipulation of the argument topic results in path traversal. Attacking locally is a requirement. The exploit is now public and may be used. The project was ...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7317 MEDIUM - 5.0

A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of the component Cache Value Handler. The manipulation results in deserialization. The attack may be la...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7316 HIGH - 7.3

A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component code_with_ai. The manipulation of the argument working_dir/editable_files leads to command injection. The attack may be ...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7315 HIGH - 7.3

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The explo...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7314 HIGH - 7.3

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument document_name results in path traversal. The attack can be initiated remotely. The exploit is now public an...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7306 MEDIUM - 5.6

A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument default_token...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7305 MEDIUM - 6.3

A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes server-...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7303 LOW - 3.7

A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improper ...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7297 LOW - 2.4

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The expl...

Published: Apr 28, 2026
Source: NVD
CVE-2026-7296 LOW - 2.4

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_order of the file /admin/ajax.php?action=save_order. Performing a manipulation of the argument first_name results in cross site scripting. Remote exploitation of the attack is possible. The explo...

Published: Apr 28, 2026
Source: NVD
CVE-2026-41649 HIGH - 7.7

Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both `collectionId` and `documentId` are provided in the request, the authorization logic only check...

Vendor: outline
Product: outline
Published: Apr 28, 2026
Source: NVD
CVE-2026-41446 CRITICAL - 9.8

Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the device ...

Vendor: Snap One, LLC
Product: WattBox 800, WattBox 820
Published: Apr 28, 2026
Source: NVD